add hooks for adding and removing a certificate fingerprint (#822)

this is to support a module that will warn users when they add
a certificate fingerprint that doesn't look like what we're
expecting

diff --git a/include/atheme/hook.h b/include/atheme/hook.h
index 3a04b75d94c0700abad37d9496618bb57f36ff40..3a05ea3d21803eea0587fb1e3a6ba2006973f895 100644 (file)
--- a/include/atheme/hook.h
+++ b/include/atheme/hook.h
@@ -238,6 +238,13 @@ struct hook_user_req
        struct mynick *     mn;
 };
 
+struct hook_user_certfp
+{
+       struct sourceinfo * si;
+       struct myuser *     mu;
+       char                certfp[512];
+};
+
 void hook_del_hook(const char *, hook_fn);
 void hook_add_hook(const char *, hook_fn);
 void hook_add_hook_first(const char *, hook_fn);

diff --git a/include/atheme/hooktypes.in b/include/atheme/hooktypes.in
index eee78399b1e4e4dad9d45ad58ecae8661b0db47e..1243dcbad2f88b08f387e8e514a559196cfb3d23 100644 (file)
--- a/include/atheme/hooktypes.in
+++ b/include/atheme/hooktypes.in
@@ -84,6 +84,8 @@ user_can_login                  struct hook_user_login_check *
 user_can_logout                 struct hook_user_logout_check *
 user_can_register               struct hook_user_register_check *
 user_can_rename                 struct hook_user_rename_check *
+user_certfp_add                 struct hook_user_certfp *
+user_certfp_del                 struct hook_user_certfp *
 user_check_expire               struct hook_expiry_req *
 user_drop                       struct myuser *
 user_identify                   struct user *

diff --git a/modules/nickserv/cert.c b/modules/nickserv/cert.c
index 1652cf560c282e6482fc271863c9066be4f1088c..a1e53e4deb39dd87c17f68f7e7c9f9ff181d3091 100644 (file)
--- a/modules/nickserv/cert.c
+++ b/modules/nickserv/cert.c
@@ -132,23 +132,34 @@ ns_cmd_cert(struct sourceinfo *si, int parc, char *parv[])
                        return;
                }
 
-               cert = mycertfp_find(mcfp);
+               struct hook_user_certfp hdata = {
+                       .si = si,
+                       .mu = mu,
+               };
+               mowgli_strlcpy(hdata.certfp, mcfp, sizeof hdata.certfp);
+               hook_call_user_certfp_add(&hdata);
+
+               if (!hdata.certfp[0])
+                       return;
+
+               cert = mycertfp_find(hdata.certfp);
                if (cert == NULL)
                        ;
                else if (cert->mu == mu)
                {
-                       command_fail(si, fault_nochange, _("Fingerprint \2%s\2 is already on your fingerprint list."), mcfp);
+                       command_fail(si, fault_nochange, _("Fingerprint \2%s\2 is already on your fingerprint list."), hdata.certfp);
                        return;
                }
                else
                {
-                       command_fail(si, fault_nochange, _("Fingerprint \2%s\2 is already on another user's fingerprint list."), mcfp);
+                       command_fail(si, fault_nochange, _("Fingerprint \2%s\2 is already on another user's fingerprint list."), hdata.certfp);
                        return;
                }
-               if (mycertfp_add(mu, mcfp, false))
+
+               if (mycertfp_add(mu, hdata.certfp, false))
                {
-                       command_success_nodata(si, _("Added fingerprint \2%s\2 to your fingerprint list."), mcfp);
-                       logcommand(si, CMDLOG_SET, "CERT:ADD: \2%s\2", mcfp);
+                       command_success_nodata(si, _("Added fingerprint \2%s\2 to your fingerprint list."), hdata.certfp);
+                       logcommand(si, CMDLOG_SET, "CERT:ADD: \2%s\2", hdata.certfp);
                }
                else
                        command_fail(si, fault_toomany, _("Your fingerprint list is full."));
@@ -167,14 +178,26 @@ ns_cmd_cert(struct sourceinfo *si, int parc, char *parv[])
                        command_fail(si, fault_noprivs, STR_NOT_LOGGED_IN);
                        return;
                }
+
+               struct hook_user_certfp hdata = {
+                       .si = si,
+                       .mu = mu,
+               };
+               mowgli_strlcpy(hdata.certfp, parv[1], sizeof hdata.certfp);
+               hook_call_user_certfp_del(&hdata);
+
                cert = mycertfp_find(parv[1]);
+               if (cert == NULL && strcasecmp(parv[1], hdata.certfp))
+                       cert = mycertfp_find(hdata.certfp);
+
                if (cert == NULL || cert->mu != mu)
                {
                        command_fail(si, fault_nochange, _("Fingerprint \2%s\2 is not on your fingerprint list."), parv[1]);
                        return;
                }
-               command_success_nodata(si, _("Deleted fingerprint \2%s\2 from your fingerprint list."), parv[1]);
-               logcommand(si, CMDLOG_SET, "CERT:DEL: \2%s\2", parv[1]);
+
+               command_success_nodata(si, _("Deleted fingerprint \2%s\2 from your fingerprint list."), cert->certfp);
+               logcommand(si, CMDLOG_SET, "CERT:DEL: \2%s\2", cert->certfp);
                mycertfp_delete(cert);
        }
        else